08-15-2012 01:21 AM
Hi all,
I have managed to narrow down a problem that has been impacting our VPN users, the first line of the following config is missing from the current config:
nat (inside) 0 access-list nat0_outbound
nat (inside) 1 0.0.0.0 0.0.0.0
nat (dmz) 1 192.168.10.0 255.255.255.0
My question is, what is the command to put that first line back into the config? Thanks all.
Solved! Go to Solution.
08-15-2012 02:19 AM
This line is used to exempt your VPN-traffic from being NATed (together with the ACL nat0_outbound where your VPN-traffic should be defined). Just paste in the missing command:
asa# conf t
asa(config)# nat (inside) 0 access-list nat0_outbound
asa(config)# exit
asa# copy run start
--
Don't stop after you've improved your network! Improve the world by lending money to the working poor:
http://www.kiva.org/invitedby/karsteni
08-15-2012 02:17 AM
I've worked this one out and added the line of config back in.
08-15-2012 02:19 AM
This line is used to exempt your VPN-traffic from being NATed (together with the ACL nat0_outbound where your VPN-traffic should be defined). Just paste in the missing command:
asa# conf t
asa(config)# nat (inside) 0 access-list nat0_outbound
asa(config)# exit
asa# copy run start
--
Don't stop after you've improved your network! Improve the world by lending money to the working poor:
http://www.kiva.org/invitedby/karsteni
08-15-2012 02:22 AM
Thanks Karsten, that is what I eventually ended up doing, but thanks for the clarification.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide